User authentication with biometric data (biometrics), e.g., speech, fingerprint, or iris appearance, is an alternative to conventional typed passwords. As an advantage, biometrics do not need to be memorized, and are difficult to replicate. However, biometrics are inherently noisy, and can vary over time. This makes biometric authentication less reliable than conventional password schemes.
That can be solved in part by storing reference biometrics accessible by an authentication device. Then, pattern matching can be used to compare current biometrics to be authenticated with the reference biometrics. However, that scheme can become a security threat when the reference biometrics are compromised.
Another approach uses “cancelable” biometrics, wherein the biometrics can be revoked at any time. However, it is difficult to guarantee security if the cancelable transformation can be compromised.
Another way to solve this problem is to use a “fuzzy vault” (Juels et al., “A Fuzzy Vault Scheme,” in IEEE Intl. Symp. on Information Theory, 2002). A value κ is encrypted using a set A. The value κ can be decrypted by a set B only if the set B substantially overlaps the set A, where the sets A and B can be ordered arbitrarily.
This is a form of error-tolerant encryption operation where keys are sets. Fuzzy vault uses a Slepian-Wolf coding error correction code (ECC). This is a type of distributed source coding wherein data are encoded independently by separate sources that cannot communicate with each other.
The ECC can correct the small variations in biometric data due to noise. Furthermore, the check bits of the ECC emulate the cryptographic hash of conventional password systems in that the check bits cannot be recovered. However, those schemes have a high false reject rate (FRR) because it is difficult to accommodate the time-varying biometrics for a particular user. Therefore, it is difficult to design an ECC for that noisy channel.
The problem was partially remedied in the context of fingerprint biometrics by the related applications. There, after feature transformation of the fingerprint, the biometric channel is reduced to a binary symmetric channel (BSC), for which conventional ECCs are available. Using Slepian-Wolf low-density parity check (LDPC) codes with 30 bits of security, that method achieves an FRR of 11% and a false acceptance rate (FAR) of 0.01%. However, for practical methods, the FRR-FAR tradeoff must still be improved.
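The check-bit storage described above can be seen in a small sketch, added here as an illustration and not taken from the related applications. It assumes binary features over a BSC and uses a Hamming(7,4) code per 7-bit block as a toy stand-in for the LDPC codes; all function names and sample vectors are constructed for the example.

```python
import hashlib
import hmac

BLOCK = 7  # Hamming(7,4): column i of H is i in binary, so a 1-bit error's syndrome is its position

def syndrome(block):
    """3-bit syndrome (check bits) of one 7-bit block, as an integer 0..7."""
    s = 0
    for pos, bit in enumerate(block, start=1):
        if bit:
            s ^= pos
    return s

def blocks(bits):
    if len(bits) % BLOCK:
        raise ValueError("feature length must be a multiple of 7")
    return [bits[i:i + BLOCK] for i in range(0, len(bits), BLOCK)]

def digest(bits):
    return hashlib.sha256(bytes(bits)).digest()

def enroll(features):
    """Store only the check bits and a hash, never the reference biometric."""
    return {"syndromes": [syndrome(b) for b in blocks(features)],
            "hash": digest(features)}

def authenticate(record, probe):
    """Decode the noisy probe toward the enrolled vector, then compare hashes."""
    probe_blocks = blocks(probe)
    if len(probe_blocks) != len(record["syndromes"]):
        return False
    recovered = []
    for stored, blk in zip(record["syndromes"], probe_blocks):
        blk = list(blk)
        diff = stored ^ syndrome(blk)  # syndrome of the error pattern (enrolled XOR probe)
        if diff:                       # nonzero: flip the bit the syndrome points at
            blk[diff - 1] ^= 1
        recovered.extend(blk)
    return hmac.compare_digest(digest(recovered), record["hash"])

# Constructed sample feature vectors (two 7-bit blocks each).
ENROLLED  = [1, 0, 1, 1, 0, 0, 1,  0, 1, 1, 0, 1, 0, 0]
NOISY     = [1, 0, 0, 1, 0, 0, 1,  0, 1, 1, 1, 1, 0, 0]  # one flipped bit per block
TOO_NOISY = [0, 1, 1, 1, 0, 0, 1,  0, 1, 1, 0, 1, 0, 0]  # two flipped bits in block 1
```

The probe with two errors in one block is rejected even though it comes from the enrolled user, which is the false-reject behaviour a code poorly matched to the channel produces.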